techminis

A naukri.com initiative

Cyber Security News

Wired

The US Army's Vision of Soldiers in Exoskeletons Lives On

  • The United States Army is evaluating exoskeleton suits in order to help soldiers carry heavy loads on the battlefield.
  • Soldiers recently completed a three-day assessment of commercially produced systems in order to determine if they could ‘meet the demands of our warfighters’.
  • A formal outline of a program’s technical preconditions does not exist despite the Army announcing its intent to award a contract to exoskeleton maker SUITX back in August.
  • The Department of Defense has been intermittently pursuing exoskeleton technology for decades, including SOCOM’s Tactical Assault Light Operator Suit, which was cancelled after five years of research and development.
  • Lockheed Martin and Dephy ExoBoot are among the companies to have previously been awarded contracts for exosuit advancements.
  • The US military's current interest appears to be primarily focused on using exoskeletons for logistics and resupply rather than combat engagements.
  • However, the long-term aim of building a 'warrior suit' complete with integrated displays and weapons systems remains a possibility, albeit inactive.
  • The US Army has yet to determine the primary purpose of a military exoskeleton.
  • A ‘warrior suit’ has been mooted since the 1960s, but technological and integration issues have plagued developments, resulting in projects that never produce feasible prototypes.
  • The Pentagon continues to explore robotic assist alternatives to increase soldier endurance and physical strength.

Socprime

Addressing read_only_allow_delete After Disk Space Issues

  • Indices in Elasticsearch can become read_only_allow_delete due to low disk space, which prevents write operations.
  • Elasticsearch automatically applies a read-only block when disk usage thresholds are reached to protect cluster stability.
  • To fix the issue, administrators need to manually remove the read_only_allow_delete setting and adjust disk watermark settings.
  • This behavior is a protective mechanism in Elasticsearch, and administrators should review disk usage and thresholds to avoid future incidents.

Hackernoon

Why Are Hospital Ransomware Attacks Becoming More Frequent Globally? The UN Met to Discuss

  • Hospital ransomware attacks are on the rise, leading healthcare administrators to invest in or update their cyberattack insurance policies.
  • The issue has become so concerning that the United Nations Security Council recently met to discuss updated digital privacy and cybersecurity guidelines and how to reduce attacks.
  • Over 33% of healthcare institutions were ransomware victims in 2020, with one-third of those paying the ransom.
  • Ransomware has been around for decades, but the recent surge in attacks has been fueled by cryptocurrencies and increased sophistication in AI-driven automation.
  • Gangs of hackers use AI for victim reconnaissance and identifying weak points and loopholes in AI-generated defence systems.
  • Medical devices are easier targets for ransomware because they are not yet equipped with defence systems as adequate as those of better-protected networked computer systems.
  • Ransomware threats to health institutions must carry the same severe federal penalties as those that occur beyond networks and computerized frameworks.
  • Vigilance in expert staff hiring and elevated adherence to advanced cybercrime security integration is essential to all hospital policies.
  • The UN has highlighted the need for change and progress, but a greater understanding of the severity and potential consequences is needed.

Socprime

How to Check What Task is Stuck and Cancel it on Dev-tools

  • To check and cancel stuck tasks on Dev-tools, follow these steps:
  • 1) Use the command 'GET _cat/tasks?v&h=id,ip,action,type,task_id,timestamp,running_time' to identify stuck tasks.
  • 2) Use the command 'GET _tasks?actions=*/&detailed' to get details of a specific stuck task.
  • 3) Use the command 'POST /_tasks/<task_id>/_cancel' to cancel a long-running task, where <task_id> is the task_id value returned in step 1.
  • 4) If cancellation is not possible, restart the node where the task is running.

Cybersecurity-Insiders

COOs Will Make Impact-Based Security a Mainstream Requirement

  • The COO will become increasingly involved in OT cyber decision-making to help bridge the gray area between CISOs and on-site facility managers.
  • COOs will recognize that cyber insurance providers are increasingly pressuring enterprises to maintain better cyber risk hygiene, contributing to an overall improved risk-based cybersecurity agenda.
  • Impact-based risk assessments, which estimate the potential financial losses to the business due to a cyber event, will resonate better with the COO as decision maker.
  • Another step forward will involve the growing combination of digital twins with AI to revolutionize how leaders tackle industrial cyber risk.
  • Despite these gains, cyber risks will continue to pose a significant problem for OT facilities.
  • Impact-based risk assessments have become critical for enhancing cybersecurity assessments by adding all that contextual information into the evaluation.
  • Improved physical security can help reduce many cyber risks, just as better cybersecurity can help protect physical access control systems.
  • Experts on either side regularly exclude the other risk, such as when cybersecurity assessments exclude physical security risk, and vice versa.
  • Cyber incidents have caused increasing financial damages, even for the most prepared organizations.
  • We should expect risk-based OT security to become more mainstream over the coming year, especially for Chief Operating Officers.

Hackernoon

Cybersecurity in Crypto: Trends, Tactics, and Transformations

  • The cryptocurrency market's rise has attracted attention from investors and malicious actors.
  • Phishing campaigns and scams in the crypto space have resulted in over $350 million in losses.
  • Ethereum-based attacks account for 75% of incidents, with USDT being the most targeted asset.
  • Polygon has emerged as the second most targeted blockchain network for phishing attacks.

The Register

Fighting cybercrime with actionable knowledge

  • Training and certification are crucial in the fight against cybercrime.
  • SANS Institute celebrates 35 years of cybersecurity education and provision of Global Information Assurance Certification (GIAC) qualifications.
  • SANS offers over 85 courses worldwide and has issued around 240,000 GIAC certifications.
  • SANS constantly updates and creates new courses to keep up with evolving cyber threats.

TechBullion

Why Is Security Verification Important?

  • Security verification is crucial for personal and organizational safety in an interconnected world.
  • It protects sensitive information and prevents unauthorized access and fraud.
  • Security verification ensures compliance with regulatory standards and fosters trust among clients and stakeholders.
  • It mitigates risks, reduces financial losses, and promotes the ethical use of technology.

Dev

How to Detect and Defend Against SQL Injection Attacks (Part-1) [Must Read]

  • SQL injection is a common vulnerability in which attackers inject malicious code that is executed directly by the database server.
  • To detect SQL injection, use both automated and manual testing, and try inserting common SQL injection payloads in the input fields.
  • Prepared statements with parameterized queries are an effective defense against SQL injection attacks.
  • Use ORM (Object-Relational Mapping) layers cautiously when interacting with databases.
  • Whitelist expected input, use regular expressions to match expected patterns, and escape input using appropriate escaping functions.
  • Employing web application firewalls can block malicious SQL injection attempts in real time.
  • Ensure that database accounts have least privileges, and do not expose database errors.
  • Conduct regular security testing to identify vulnerabilities.
  • SQL injection remains a risk that can be mitigated by taking preventative measures.
  • It is important to stay aware, conduct regular security testing, and apply the best practices to safeguard your system and secure sensitive data.

Medium

Communication Surveillance in the Digital Era: Balancing Privacy and Security

  • Communication surveillance is crucial for detecting potential misuse or illegal activities in various communication channels.
  • Advanced technologies like AI and machine learning have transformed communication surveillance, but raise concerns about privacy and overreach.
  • Balancing privacy and security requires clearly defined legal and ethical frameworks, along with privacy-enhancing technologies.
  • Regulatory oversight and adherence to global privacy standards play a crucial role in shaping the future of communication surveillance.

Cybersecurity-Insiders

HawkEye Malware: Technical Analysis

  • HawkEye, also known as PredatorPain, is a malware categorized as a keylogger but has adopted new functionalities that align it with the capabilities of other tools like stealers.
  • HawkEye emerged before 2010 and gained significant popularity starting in 2013 after several spearphishing campaigns.
  • Although it is not one of the most widely used malware families, it remains in active use and saw a significant resurgence during the COVID period.
  • To conduct a quick analysis of HawkEye, ANY.RUN's Interactive Sandbox is used to extract critical data quickly.
  • HawkEye's delivery methods are diverse compared to other malware but execution and behavior have remained consistent over the years.
  • One of the dropped files, the smaller one, acts as the injector. The injector includes a phase where it checks running processes to detect analysis tools or whether the process is already running.
  • HawkEye does not establish persistence just once: it has been observed to check and establish persistence up to three different times, depending on the phases.
  • HawkEye carries out various functions such as keylogging, system information gathering, credential theft, screenshot capture, etc. once injected into vbc.exe or other processes.
  • The builder provides a multitude of configuration options, allowing the attacker to choose where to send the stolen information, what to collect, whether to check for certain tools and change the payload data to make it appear legitimate.
  • HawkEye has incredible versatility and longevity, making it a tremendously powerful and easy-to-use tool which unfortunately will continue to be seen in security incidents from actors of all types.

Solarwinds

Navigating the NIS2 Directive and How SolarWinds Can Help

  • The EU established the Network and Information Security (NIS) directive in 2016, and now an updated version, NIS2, has been put in place to address cybersecurity gaps.
  • NIS2 requires national strategies, competent authorities, cybersecurity risk-management measures, and reporting obligations for specified entities.
  • Organizations in critical sectors deemed essential will require high levels of NIS2 compliance and reporting obligations.
  • SolarWinds offers products such as Security Event Manager (SEM), Access Rights Manager (ARM), and Patch Manager that help organizations comply with NIS2 requirements.
  • SEM provides real-time event correlation, security analytics, and compliance reports, enabling quick detection and response to security incidents.
  • ARM helps manage and audit user access rights across IT infrastructure and track changes made to improve security posture.
  • Patch Manager streamlines patch management by automating patching for Microsoft servers, workstations, and third-party applications, ensuring systems remain secure and up-to-date.
  • SolarWinds observability solution offers comprehensive visibility into IT infrastructure, tracking unauthorized activity and providing insight into performance and security issues.
  • Using SolarWinds tools, organizations can enhance cybersecurity measures, meet the demands of NIS2, and improve the agility and flexibility of security and compliance teams.
  • For organizations seeking to transform their security posture, SolarWinds offers a suite of cybersecurity solutions that can help build security strength levels.

Dev

Integrating AI in Microsoft 365: A Look at Copilot and AI-Driven Features

  • Microsoft 365 Copilot is an AI-powered assistant embedded in Word, Excel, PowerPoint, Outlook, and Teams.
  • Key features of Copilot include natural language processing for enhanced interaction, content creation and editing, data analysis and visualization, streamlined communication, and collaboration boost in Teams.
  • Microsoft 365 also incorporates other AI-driven features like Viva Insights, AI-powered search, real-time translation and transcription in Teams, and enhanced security and compliance.
  • AI integration in Microsoft 365 leads to increased productivity, better decision-making, improved collaboration, and personalized user experience.

Cybersecurity-Insiders

Ransomware spreading through Microsoft Teams

  • Black Basta ransomware is spreading file-encrypting malware through Microsoft Teams.
  • The group impersonates IT support personnel to trick users into revealing login information.
  • This new strategy marks a shift from their previous methods of spam and social engineering.
  • Microsoft advises users to be cautious of suspicious messages and to verify the sender's identity through other channels.

Cybersecurity-Insiders

Protecting Against Inevitable Insider Threats

  • The data layer remains insufficiently addressed in the Department of Defense Zero Trust Reference Architecture, leading to cyberattacks targeting sensitive data in all industries.
  • Insider threats consistently prove to be a significant risk to corporate data, with multiple modes of attack.
  • Ransomware requires the action of an insider, such as an employee clicking on a phishing email, to infiltrate the environment.
  • A comprehensive approach to insider threat protection requires real-time detection, isolation, and recovery.
  • Robust detection strategies include identifying ransomware early, monitoring user behavior with multi-factor analytics, using AI to detect sensitive content, and controlling external storage.
  • Isolating detected attacks is essential to reducing potential damage, with immediate automated actions being necessary to mitigate further harm.
  • Seamless recovery after detecting and containing the attack is crucial, with innovative backup systems offering continuous real-time rollbacks and minimal disruption to operations.
  • The need for robust data protection strategies has never been greater, with the question of corporate data asset theft being a matter of when, not if.
  • The ability to protect the data layer while being able to notice unusual user behavior is critical to combating insider threats effectively.
  • A comprehensive and cohesive protection approach that emphasizes real-time detection, isolation, and recovery is necessary to combat insider threats effectively.
